cvs commit: src/sys/netinet tcp_input.c tcp_subr.c tcp_timer.c tcp_usrreq.c tcp_var.h

Peter Jeremy peterjeremy at
Sat Apr 1 20:41:32 UTC 2006

On Sat, 2006-Apr-01 16:36:37 +0000, Robert Watson wrote:
>  - Annotate the existence of a long-standing race in the TCP timer code,
>    in which timers are stopped but not drained when the socket is freed,
>    as waiting for drain may lead to deadlocks, or have to occur in a
>    context where waiting is not permitted.  This race has been handled
>    by testing to see if the tcpcb pointer in the inpcb is NULL (and vice
>    versa), which is not normally permitted, but may be true of a inpcb
>    and tcpcb have been freed.  Add a counter to test how often this race
>    has actually occurred, and a large comment for each instance where
>    we compare potentially freed memory with NULL.  This will have to be
>    fixed in the near future, but requires is to further address how to
>    handle the timer shutdown shutdown issue.

Is it worthwhile (or possible) to merge this bit into 6.x earlier to
provide greater exposure and therefore more statistics on the occurrence
of this race?

Peter Jeremy

More information about the cvs-src mailing list